Skip to content

The Great DOM Fuzz-off of 2017

I generally recommend people use a current stable Chrome. It’s the most secure browser. Please also install uBO and use 1Password.

Turns out, that recommendation can also be backed up by data. Check the “Results” headline.

Note also how they did not test Safari on Apple, because that hurts too much:

Instead of fuzzing Safari directly, which would require Apple hardware, we instead used WebKitGTK+ which we could run on internal (Linux-based) infrastructure. We created an ASAN build of the release version of WebKitGTK+. Additionally, each crash was verified against a nightly ASAN WebKit build running on a Mac.

Yup, Apple development and testing happening on Linux.

Published inAppleHackerterrorcybercyber

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *